Library to offload some JWT crypto operations to KMS

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for jmtapio from gravatar.com jmtapio

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: Juha-Matti Tapio
  • Requires: Python <4.0, >=3.9
Classifiers

Project description

Python jwt_kms library

This library is work in progress.

Isolating private asymmetric keys to AWS KMS helps improve security by making it next to impossible to make copies of them. This library aims to provide a simple interface to use KMS keys to sign payloads into JWS tokens and/or to encrypt payloads into JWE tokens.

Signing with RSA and EC keys is currently supported.

Keys

import boto3
from jwt_kms import jwk

client = boto3.client('kms')
key = jwk.JWK(client, 'some-key-id')

public_key_pem = key.public_key_pem

Signing

from jwt_kms import jws

payload = {
   'something': 'yes',
   'more_something': 'abc'
}

token = jws.JWS(payload).add_signature(key, 'RS256').serialize(compact=True)  # or compact=False

Encrypting

TODO.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for jmtapio from gravatar.com jmtapio

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: Juha-Matti Tapio
  • Requires: Python <4.0, >=3.9
Classifiers

Release history Release notifications | RSS feed

This version

0.1.3

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

jwt_kms-0.1.3.tar.gz (4.4 kB view details)

Uploaded Source

Built Distribution

jwt_kms-0.1.3-py3-none-any.whl (5.2 kB view details)

Uploaded Python 3

File details

Details for the file jwt_kms-0.1.3.tar.gz.

File metadata

  • Download URL: jwt_kms-0.1.3.tar.gz
  • Upload date:
  • Size: 4.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.3.2 CPython/3.11.2 Linux/6.1.0-18-amd64

File hashes

Hashes for jwt_kms-0.1.3.tar.gz
Algorithm Hash digest
SHA256 34f564c4a09f1926ef2adef0953dda1d1309077b3647de1a0ddf3c72097fd7d6
MD5 b44624326ccba1353cd922a10787b6fa
BLAKE2b-256 dff326c91d849a08dd702f458de77604d31e615b472f66cb84c09cf36bfc6ea7

See more details on using hashes here.

File details

Details for the file jwt_kms-0.1.3-py3-none-any.whl.

File metadata

  • Download URL: jwt_kms-0.1.3-py3-none-any.whl
  • Upload date:
  • Size: 5.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.3.2 CPython/3.11.2 Linux/6.1.0-18-amd64

File hashes

Hashes for jwt_kms-0.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 63a7ea63a48d136ea73673ba1c8cedc46c9ffea472f7f56195b4c0b29ac2d1d7
MD5 2041dd977d2df187fbced289e33febad
BLAKE2b-256 73366b790b8c23b838347369d944ceeddc3c43aa92a3a4204c81e3d97aeacd89

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page